2 Answers
2

This should probably be 192.168.100.1. I think it's a good idea to expose the Socks port. Where possible you should prefer Socks. If you're going to use Tor Browser, for example, then you will want to take advantage of things like the Socks auth based circuit isolation.

Redirect TCP Ports...

This is verydangerous, is it forwarding only port 80 and 443 through Tor. You're going to leak like a sieve and it would be trivial to deanonymize you. For example, a website that contains <img src="http://evil.com:81/image.jpg"> in it, will cause you to fetch the image outside of Tor, linking your Tor session to your real IP address. Even if you're not doing web browsing, there are similar attacks for a lot of other protocols (and even file formats).

My recommendation is not to use this firmware to Torify your connection at all, at best you might be able to specify the range 1-65535 for the custom ports, but you'll still be liable to leak non TCP packets. It looks like you'll also need to apply some further configuration to use Tor's DNSPort, there seems to be a distinct dns_intcpt option that it set to redirect those too.

I also suspect that .onion services will not work, because the torrc does not set AutomapHostsOnResolve and an appropriate VirtualAddrNetworkIPv4 to allow the resolve then transproxy required to utilise onion services without direct access to the Socks port.

Some further reading on why I don't like (most) "Tor Routers" is available here.

Then you can configure your browser to use socks proxy 192.168.1.1:9050

This information can be very helpful for those who are googling Tomato TOR Settings documetation.

As for security and privacy, it completely depends on the firmware version and the version of the TOR installed there. If you need real privacy, then you will not find anything safer than a manual build of the latest version of TOR from the source code.